Top 10 Stories

On April 25, security firm Checkmarx publicly disclosed that it has found that a malicious developer can trick Amazon's Alexa voice assistant technology to record everything a user says. At this time, it's not clear if any hackers have ever exploited the flaw, which is not in the Amazon Echo hardware, but rather is an abuse of functionality in the Alexa Skills feature set. Developers can extend Alexa's technology by building skills that provide new...

Atlanta spent more than $2.6 million on recovery efforts stemming from a ransomware attack, which crippled a sizable part of the city's online services. The city was hit by the notorious SamSam ransomware, which exploits a deserialization vulnerability in Java-based servers. The ransom was set at around $55,000 worth of bitcoin, a digital cryptocurrency that in recent weeks has wildy fluctated in price. View Full Story ORIGINAL SOURCE: ZDNet

A newly published "exploit chain" for Nvidia Tegra X1-based systems seems to describe an apparently unpatchable method for running arbitrary code on all currently available Nintendo Switch consoles. Hardware hacker Katherine Temkin and the hacking team at ReSwitchedreleased an extensive outline of what they're calling the Fusée Gelée coldboot vulnerability earlier today, alongside a proof-of-concept payload that can be used on the Switch. View Full Story ORIGINAL SOURCE: Arstechnica

A newly discovered cybercriminal group is installing custom malware onto the systems of organisations in healthcare and related sectors in order to conduct corporate espionage. These targeted attacks are carried out against a small number of selected organisations as well as the supply chains which serve them, with the tactics and use of custom malware suggesting the attacks are the work of an a cybercriminal group working for its own ends - not that of a...

NATO and assorted partners have unleashed a massive cyber-attack on the fictional country of Berylia to test their ability to defend critical infrastructure against outside attacks. The virtual country will suffer its virtual attack under NATO's Cooperative Cyber Defence Centre of Excellence's (CCDCOE) Locked Shields 2018, which CCDCOE described as the world's “largest and most advanced international live-fire cyber defence exercise”. View Full Story ORIGINAL SOURCE: The Register

NATO and assorted partners have unleashed a massive cyber-attack on the fictional country of Berylia to test their ability to defend critical infrastructure against outside attacks. The virtual country will suffer its virtual attack under NATO's Cooperative Cyber Defence Centre of Excellence's (CCDCOE) Locked Shields 2018, which CCDCOE described as the world's “largest and most advanced international live-fire cyber defence exercise”. View Full Story ORIGINAL SOURCE: The Register

The personal finance expert Martin Lewis is suing Facebook for allowing scammers to use his name and image in fake adverts on the social network. Mr Lewis will lodge an action for defamation against the company today, arguing that as a publisher it is responsible for the false ads. The case is thought to be the first of its kind. The broadcaster said that he had been deeply upset over cases in which people had lost up...

The personal finance expert Martin Lewis is suing Facebook for allowing scammers to use his name and image in fake adverts on the social network. Mr Lewis will lodge an action for defamation against the company today, arguing that as a publisher it is responsible for the false ads. The case is thought to be the first of its kind. The broadcaster said that he had been deeply upset over cases in which people had lost up...

Britain’s security services cannot offer "absolute protection" against Russian hackers, a top spy has warned. GCHQ cyber defence chief Ciaran Martin warned that it is a matter of "when not if" the UK suffers a "serious cyber attack". He claimed spooks are now battling to stop attacks that "most impact on our way of life" instead of trying to prevent every breach. Mr Martin - who heads the National Cyber Security Centre - told the...

US-based SunTrust Bank said it is working with law enforcement after it discovered that a former employee had stolen private information belonging to nearly 1.5 million customers. "In conjunction with law enforcement, we discovered that a former employee while employed at SunTrust may have attempted to print information on approximately 1.5 million clients and share this information with a criminal third party," SunTrust CEO William Rogers said in a press conference on Friday. View Full...